<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2> DAVTest包装说明</h2><p style="text-align: justify;"> DAVTest通过上传测试的可执行文件，然后（可选）上传文件，这允许执行命令，或者直接在目标上的其他操作测试启用WebDAV服务器。它是为渗透测试人员能够快速，轻松地确定是否启用DAV服务攻击。 </p><p> DAVTest支持： </p><ul><li>自动发送攻击文件</li><li>自动随机目录，以帮助隐藏文件</li><li>发送文本文件，并尝试MOVE到可执行文件名称</li><li>基本和摘要授权</li><li>自动清理文件上传</li><li>发送任意文件</li></ul><p>资料来源：https://code.google.com/p/davtest/ <br> <a href="http://code.google.com/p/davtest" variation="deepblue" target="blank">DAVTest首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/davtest.git;a=summary" variation="deepblue" target="blank">卡利DAVTest回购</a> </p><ul><li>作者：Sunera，LLC。 </li><li>许可：GPLv3的</li></ul><h3>包含在davtest包工具</h3><h5>davtest – Testing tool for WebDAV servers<br>
<h5>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="7a0815150e3a111b1613">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# davtest<br>
<br>
ERROR: Missing -url<br>
<br>
/usr/bin/davtest -url &lt;url&gt; [options]<br>
<br>
 -auth+     Authorization (user:password)<br>
 -cleanup   delete everything uploaded when done<br>
 -directory+    postfix portion of directory to create<br>
 -debug+    DAV debug level 1-3 (2 &amp; 3 log req/resp to /tmp/perldav_debug.txt)<br>
 -move      PUT text files then MOVE to executable<br>
 -nocreate  don't create a directory<br>
 -quiet     only print out summary<br>
 -rand+     use this instead of a random string for filenames<br>
 -sendbd+   send backdoors:<br>
            auto - for any succeeded test<br>
            ext - extension matching file name(s) in backdoors/ dir<br>
 -uploadfile+   upload this file (requires -uploadloc)<br>
 -uploadloc+    upload file to this location/name (requires -uploadfile)<br>
 -url+      url of DAV location<br>
<br>
Example: /usr/bin/davtest -url http://localhost/davdir</code>
<h3>davtest Usage Example</h3>
</h5></h5><p>扫描指定的WebDAV服务器<b><i>（-url http://192.168.1.209）：</i></b> </p><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="1e6c71716a5e757f7277">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# davtest -url http://192.168.1.209<br>
********************************************************<br>
 Testing DAV connection<br>
OPEN        SUCCEED:        http://192.168.1.209<br>
********************************************************<br>
NOTE    Random string for this session: B0yG9nhdFS8gox<br>
********************************************************<br>
 Creating directory<br>
MKCOL       SUCCEED:        Created http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox<br>
********************************************************<br>
 Sending test files<br>
PUT asp FAIL<br>
PUT cgi FAIL<br>
PUT txt SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.txt<br>
PUT pl  SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.pl<br>
PUT jsp SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.jsp<br>
PUT cfm SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.cfm<br>
PUT aspx    FAIL<br>
PUT jhtml   SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.jhtml<br>
PUT php SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.php<br>
PUT html    SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.html<br>
PUT shtml   FAIL<br>
********************************************************<br>
 Checking for test file execution<br>
EXEC    txt SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.txt<br>
EXEC    pl  FAIL<br>
EXEC    jsp FAIL<br>
EXEC    cfm FAIL<br>
EXEC    jhtml   FAIL<br>
EXEC    php FAIL<br>
EXEC    html    SUCCEED:    http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.html<br>
<br>
********************************************************<br>
/usr/bin/davtest Summary:<br>
Created: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.txt<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.pl<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.jsp<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.cfm<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.jhtml<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.php<br>
PUT File: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.html<br>
Executes: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.txt<br>
Executes: http://192.168.1.209/DavTestDir_B0yG9nhdFS8gox/davtest_B0yG9nhdFS8gox.html</code><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
